Slashdot Mirror

← Back to Stories (view on slashdot.org)

Intel Establishes Automotive Security Review Board

Posted by samzenpus on from the protect-ya-neck dept.

An anonymous reader writes: To help mitigate the cyber-security risks in connected automobiles Intel has established the Automotive Security Review Board (ASRB). Intel says: "The board will encompass top security industry talent across the globe with particular areas of expertise in cyber-physical systems. The ASRB researchers will perform ongoing security tests and audits intended to codify best practices and design recommendations for advanced cybersecurity solutions and products to benefit the automobile industry and drivers. Intel also published the first version of its automotive cybersecurity best practices white paper, which the company will continue to update based on ASRB findings."

6 of 39 comments (clear)

  1. Pot, Kettle by phantomfive · · Score: 2

    Intel should get their own game in gear before telling other people what to do. It takes special effort to create a system that's exploitable on both Mac and Windows, but Intel has done it.

    --
    "First they came for the slanderers and i said nothing."
  2. The danger by phantomfive · · Score: 2

    The real danger here is that manufacturers can use this as an excuse to avoid liability.......they can say, "It's not our fault the car got hacked and rammed into the building, we followed industry standards!"

    We don't want them to "follow industry standards," we want them to write secure software.

    --
    "First they came for the slanderers and i said nothing."
  3. How about not connecting cars to the Internet by jonwil · · Score: 3, Insightful

    The best place to start in making cars more secure is to stop connecting them to the Internet or cellular networks. It makes them vulnerable to remote exploits and increases the cost of the car.

    But now we have some jurisdictions (EU I think is one) mandating cellular connections in new cars so they can support "emergency features" (presumably stuff so when the car is involved in a serious crash, the car can notify emergency services automatically in case the occupants are pinned down or unconscious and cant make an emergency call themselves)

    Get rid of the cellular connections, get rid of all this "infotainment" crap (whoever thought "apps" in a car is a good idea is an idiot). And spend some money on really strong encryption in things like the remote unlock keyfobs and engine immobilisers so hackers cant get in.

    1. Re:How about not connecting cars to the Internet by phantomfive · · Score: 2

      But now we have some jurisdictions (EU I think is one) mandating cellular connections in new cars so they can support "emergency features"

      Wow, that's a horrible idea. First thing I'm going to do is disable that shit.

      --
      "First they came for the slanderers and i said nothing."
  4. Re:Another boondoggle? by epyT-R · · Score: 2

    Yup. All wrong. No one's been able to secure much of anything these days. As a result, mission critical equipment like personal vehicles should not have unnecessary complexity or connectivity. Let owner's cellphone do that for auxiliary purposes only (music streaming, navigation etc).

  5. Consumer Reports by Spazmania · · Score: 2

    Just need consumer reports to start ranking reviewed cars on their information security.

    Entertainment system has a network connection with the life-safety network without a one-way transfer? D. And a connection to Bluetooth or the Internet? F.

    Note that this means Tesla would get an F.

    --
    Moderating "-1, Disagree" is simple censorship. Have the guts to post your opinion.